GET /pkiprofile/{uuid}

GET /pkiprofile/{uuid}

/pkiprofile/{uuid}

Request
URI
GET
https://{api_host}/api/pkiprofile/{uuid}
COPY
Path Parameters
string
uuid
Required

UUID of the object to fetch

Query Parameters
string
name
Optional

object name

string
fields
Optional

List of fields to be returned for the resource. Some fields like name, URL, uuid etc. are always returned.

boolean
include_name
Optional

All the Avi REST reference URIs have a name suffix as URI#name. It is useful to get the referenced resource name without performing get on that object.

boolean
skip_default
Optional

Default values are not set.

string
join_subresources
Optional

It automatically returns additional dependent resources like runtime. Eg. join_subresources=runtime.

Header Parameters
string
X-Avi-Tenant
Optional

Avi Tenant Header

string
X-Avi-Tenant-UUID
Optional

Avi Tenant Header UUID

string
X-Avi-Version
Required

The caller is required to set Avi Version Header to the expected version of configuration. The response from the controller will provide and accept data according to the specified version. The controller will reject POST and PUT requests where the data is not compatible with the specified version.

string
X-CSRFToken
Optional

Avi Controller may send back CSRF token in the response cookies. The caller should update the request headers with this token else controller will reject requests.


Responses
200

OK

Returns PKIProfile of type(s) application/json
{
    "_last_modified": "string",
    "allow_pki_errors": [
        "string"
    ],
    "ca_certs": [
        {
            "certificate": "string",
            "certificate_signing_request": "string",
            "chain_verified": false,
            "days_until_expire": 0,
            "expiry_status": "string",
            "fingerprint": "string",
            "issuer": {
                "common_name": "string",
                "country": "string",
                "distinguished_name": "string",
                "email_address": "string",
                "locality": "string",
                "organization": "string",
                "organization_unit": "string",
                "state": "string"
            },
            "key_params": {
                "algorithm": "string",
                "ec_params": {
                    "curve": "string"
                },
                "rsa_params": {
                    "exponent": 0,
                    "key_size": "string"
                }
            },
            "not_after": "string",
            "not_before": "string",
            "public_key": "string",
            "self_signed": false,
            "serial_number": "string",
            "signature": "string",
            "signature_algorithm": "string",
            "subject": {
                "common_name": "string",
                "country": "string",
                "distinguished_name": "string",
                "email_address": "string",
                "locality": "string",
                "organization": "string",
                "organization_unit": "string",
                "state": "string"
            },
            "subject_alt_names": [
                "string"
            ],
            "text": "string",
            "version": "string"
        }
    ],
    "configpb_attributes": {
        "version": 0
    },
    "created_by": "string",
    "crl_check": false,
    "crl_file_refs": [
        "string"
    ],
    "crls": [
        {
            "body": "string",
            "common_name": "string",
            "distinguished_name": "string",
            "etag": "string",
            "fingerprint": "string",
            "last_refreshed": "string",
            "last_update": "string",
            "next_update": "string",
            "server_url": "string",
            "text": "string",
            "update_interval": 0
        }
    ],
    "ignore_peer_chain": false,
    "is_federated": false,
    "markers": [
        {
            "key": "string",
            "values": [
                "string"
            ]
        }
    ],
    "name": "string",
    "tenant_ref": "string",
    "url": "string",
    "uuid": "string",
    "validate_only_leaf_crl": false
}
string
_last_modified
Optional

UNIX time since epoch in microseconds. Units(MICROSECONDS).

array of string
allow_pki_errors
Optional

Exempt errors during certificate verification. Enum options - ALLOW_EXPIRED_CRL, ALLOW_ALL_ERRORS. Field introduced in 30.1.1. Maximum of 1 items allowed. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

array of object
ca_certs
Optional

List of Certificate Authorities (Root and Intermediate) trusted that is used for certificate validation. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

object
configpb_attributes
Optional

configpb_attributes

string
created_by
Optional

Creator name. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

boolean
crl_check
Optional
Constraints: default: true

When enabled, Avi will verify via CRL checks that certificates in the trust chain have not been revoked. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

array of string
crl_file_refs
Optional

Refers to FileObject containing CRL body. It is a reference to an object of type FileObject. Field introduced in 30.2.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

array of object
crls
Optional

List of Certificate Revocation Lists.This field is now represented by a file via the fileobject semantics. Field deprecated in 30.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

boolean
ignore_peer_chain
Optional

When enabled, Avi will not trust Intermediate and Root certs presented by a client. Instead, only the chain certs configured in the Certificate Authority section will be used to verify trust of the client's cert. Allowed in Enterprise edition with any value, Essentials edition(Allowed values- true), Basic edition(Allowed values- true), Enterprise with Cloud Services edition. Special default for Essentials edition is true, Basic edition is true, Enterprise is False.

boolean
is_federated
Optional

This field describes the object's replication scope. If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines. If the field is set to true, then the object is replicated across the federation. . Field introduced in 17.1.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

array of object
markers
Optional

List of labels to be used for granular RBAC. Field introduced in 20.1.5. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.

string
name
Required

Name of the PKI Profile. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
tenant_ref
Optional

It is a reference to an object of type Tenant. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
url
Optional

url

string
uuid
Optional

Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

boolean
validate_only_leaf_crl
Optional
Constraints: default: true

When enabled, Avi will only validate the revocation status of the leaf certificate using CRL. To enable validation for the entire chain, disable this option and provide all the relevant CRLs. Allowed in Enterprise edition with any value, Essentials edition(Allowed values- true), Basic edition(Allowed values- true), Enterprise with Cloud Services edition.


401

log in failed

Operation doesn't return any data structure

Code Samples
COPY
                    curl -H 'Authorization: <value>' https://{api_host}/api/pkiprofile/{uuid}